(54) Title: REUSE OF SECURITY ASSOCIATIONS FOR IMPROVING HAND-OVER PERFORMANCE 
(57) Abstract 

In a radio telecommunication system, the performance of a mobile unit can be 
significantly improved during a hand-over procedure by reusing existing security 
associations that correspond to the mobile unit. By reusing existing security 
associations, a mobile unit can begin secure communications immediately 
following the hand-over. Otherwise, and in accordance with conventional practice, 
the mobile unit will have to undertake the time consuming task of renegotiating 
the required security associations, before it can begin transmitting and receiving 
secure communications. 
REUSE OF SECURITY ASSOCIATIONS FOR IMPROVING HAND-OVER PERFORMANCE 

FIELD OF THE INVENTION 

The present invention involves wireless telecommunication systems and/or 
networks, such as wireless local area networks (LANs) and Mobile Internet 
Protocol (IP) systems. More particularly, the present invention involves the reuse 
of security associations when a mobile unit or mobile terminal undergoes hand- 
over from one stationary unit in the network to another. 

BACKGROUND 

With the rapid development of wireless and mobile communication 
technologies, communication security issues, such as user authentication, traffic 
privacy and message integrity have become important concerns. In response, a 
number of Internet Engineering Task Force (IETF) security protocol standards, 
such as the Internet Key Exchange (IKE) protocol, the Internet Security 
Association and Key Management Protocol (ISAKMP), and the Internet Protocol 
Security (IPsec), are now employed in various wireless LAN and Mobile IP 
environments. 

WO 00/41427 PCT/SE00/00020 

The IKE protocol was designed to provide a mechanism for two or more 
communicating parties, such as a mobile unit (MU) and a network stationary unit 
(SU), to negotiate various security services and security associations. A security 
service is a method or means for providing protection for the communication 
between the two or more parties, whereas a security association (SA) is a 
relationship between the two or more communicating parties which defines how 
the parties will execute the agreed upon security services. A security association is 
actually defined by a set of attributes, such as an authentication algorithm, an 
authentication key, an encryption algorithm, an encryption key, and a SA lifetime, 
which represents the period of time during which the corresponding SA is valid. 
As one skilled in the art will appreciate, the SAs must be negotiated and in place 
before the two or more parties can begin secure communications. The procedure for 
negotiating security services and SAs in accordance with the IKE protocol is 
accomplished in two phases. In a first phase (i.e., phase 1), the communicating 
parties negotiate the ISAKMP SA. The ISAKMP SA is defined by a set of basic 
security attributes which provide protection for subsequent ISAKMP exchanges. 
In a second phase (i.e., phase 2), and under the protection of the ISAKMP SA, the 
communicating parties negotiate the IPsec SAs associated with the IPsec 
authentication header (AH) protocol and/or the IPsec encapsulating security 
payload (ESP) protocol. The IPsec protocols provide security services for 
communications at the IP layer. As is known in the art, a specific IPsec SA is 
uniquely defined by a security parameter index (SPI), a destination IP address, and 
an IPsec protocol (i.e., AH or ESP). 

Because the SAs (i.e., the ISAKMP SA and the IPsec SAs) are bound to the 
negotiating parties, the SAs are renegotiated whenever a mobile unit moves from 
one access point to another in a wireless LAN environment, or from one foreign 
agent to another in a mobile IP context. However, the IKE negotiation process is 
computationally intensive, particularly phase 1. This is especially troublesome in 
wireless LAN and mobile IP applications where the mobile unit is frequently 
undergoing hand-over from one SU to another and where the MU has limited 
computational power. Under such conditions, overall system performance will be 
exceptionally low since a significant amount of time must be spent renegotiating 
SAs rather than communicating. 

SUMMARY OF THE INVENTION 

It is an object of the present invention to provide a technique which 
improves the performance of a mobile unit (MU) in a wireless LAN or mobile IP 
environment, particularly during hand-over. The present invention accomplishes 
this by reusing rather than renegotiating the security associations (SAs) 
corresponding to the MU once the MU is handed-over. By reusing the SAs, less 
time is spent negotiating SAs. Consequently, a MU can begin secure 
communications almost immediately upon being handed-over from one SU to 
another SU. 

Accordingly, it is an objective of the present invention to provide a more 
efficient way to utilize SAs during hand-over. 

It is another objective of the present invention to reduce and/or minimize 
the latency period between the time a MU is handed-over to a stationary unit and 
the time the MU can begin secure communications with that stationary unit. 

It is yet another objective of the present invention to generally improve the 
performance of a MU through seamless hand-over. 

It is still another objective of the present invention to maintain a required 
level of performance without sacrificing communication security. 

In accordance with one embodiment of the present invention, the above- 
identified and other objectives are achieved through a method and/or an apparatus 
for accomplishing hand-over of a mobile unit from a first stationary unit to a 
second stationary unit. The method involves disconnecting the mobile unit from 
the first stationary unit, and thereafter, connecting the mobile unit to the second 
stationary unit. The method also involves reusing an existing security association 
to support the connection between the mobile unit and the second stationary unit, 
wherein the existing security association was previously used to support the 
connection between the mobile unit and the first stationary unit. 

In accordance with another embodiment of the present invention, the 
above-identified and other objectives are achieved with a method and/or an 
apparatus for accomplishing hand-over of a mobile unit from a first stationary unit 
to a second stationary unit. More specifically, the method involves disconnecting 
the mobile unit from the first stationary unit, and thereafter, connecting the mobile 
unit to the second stationary unit. The method then involves reusing an existing 
security association to support the connection between the mobile unit and the 
second stationary unit, wherein the existing security association was previously 
used to ensure secure communications for a connection between the mobile unit 
and a third stationary unit, and wherein the third stationary unit and the second 
stationary unit are associated with a first administrative domain that employs a 
common security policy. 

In accordance with still another embodiment of the present invention, the 
above-identified and other objectives are achieved with a method for reusing 
security associations to facilitate hand-over of a mobile unit between stationary 
units that are associated with a common administrative domain, wherein all of the 
stationary units associated with the common administrative domain are subject to 
the same security policy. The method involves negotiating a first security 
association for a connection between the mobile unit and a first stationary unit 
associated with the common administrative domain. The mobile unit is then 
disconnected from the first stationary unit, and thereafter, connected to a second 
stationary unit associated with the common administrative domain. A first set of 
security association attributes, corresponding to the first security association, is 
then transferred from the first stationary unit to the second stationary unit. The 
first security association can then be employed to ensure secure communications 
for the connection between the mobile unit and the second stationary unit. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The objects and advantages of the invention will be understood by reading 
the following detailed description in conjunction with the drawings in which: 

FIG. 1 illustrates a first exemplary embodiment of the present invention; 

FIG. 2 illustrates a second exemplary embodiment of the present invention; 

FIG. 3 illustrates a first exemplary set of security association attributes 
being transferred in accordance with the present invention; 

FIG. 4 illustrates a second set of security association attributes being 
transferred in accordance with the present invention; and 

FIG. 5 illustrates the transfer of security association attribute information, 
in accordance with the present invention, using encryption and authentication 
techniques. 

DETAILED DESCRIPTION OF THE INVENTION 

For a better understanding of the invention, the following detailed 
description refers to the accompanying drawings, wherein preferred exemplary 
embodiments of the present invention are illustrated and described. In addition, 
the reference numbers used to identify key elements of the invention in the 
drawings are consistent throughout this description. 

The present invention involves a technique which improves the 
performance of a mobile unit or mobile terminal (herein referred to as a "MU") in 
a radio telecommunication system, particularly during hand-over, wherein the MU 
becomes disconnected from a first stationary unit (herein referred to as "SU_k") and 
connected to another stationary unit (herein referred to as "SU_k+1"), and wherein 
SU_k and SU_k+1 belong to a common administrative network domain that is under 
the control of a common security policy. The present invention accomplishes this 
by reusing one or more previously established security associations to support the 
newly formed connection between the MU and SU_k+1. By reusing these previously 
established security associations, the MU and SU_k+1 need not go through the time 
consuming task of renegotiating the security associations (herein referred to as 
"SAs") each time the MU changes its point of connection (e.g., undergoes hand- 
over) within the administrative domain. The present invention is of particular 
importance where the communicating entities (e.g., the MU and SU_k+1) exhibit 
low to medium level computational power, and where the MU is especially mobile 
and frequently undergoing hand-over. 

In accordance with the present invention, each of a number of stationary 
units (SUs) associated with the same administrative domain, and thus under the 
control of a common security policy, are managed in an identical manner with 
respect to the SAs that are employed to protect the communication between the 
MU and the various SUs. Accordingly, the set of SAs that are established between 
the MU and any one of the various SUs belonging to that administrative domain 
can be reused by any one of the other SUs associated with that administrative 
domain, if and when the MU is handed-over to one of these other SUs. As 
previously stated, reuse of the previously established SAs will improve the 
performance of the MU during hand-over, without sacrificing communication 
security. However, depending upon the extent to which MU performance 
improvement is desired, two exemplary embodiments of the present invention are 
described herein below. 

In accordance with a first exemplary embodiment of the present invention, 
herein referred to as the partial SA reuse embodiment, a previously established 
Internet Security Association and Key Management Protocol (ISAKMP) SA is 
reused each time the MU is handed-over to another SU (i.e., SU_k+1) in the 
administrative domain. More specifically, when the MU establishes a connection 
with a SU in the administrative domain for the first time, the Internet Key 
Exchange (IKE) phase 1 negotiation, which is used for establishing the ISAKMP 
SA, and the IKE phase 2 negotiation, which is used for establishing the IPsec SAs, 
are carried out in accordance with the various standards set forth by the Internet 
Engineering Task Force (IETF). However, as the mobile unit moves about, and is 
handed-over to another SU (i.e., SU_k+1) associated with the same administrative 
domain, the previously established ISAKMP SA is reused by the MU and SU_k+1. 
Nevertheless, the MU and SU_k+1 still must conduct an IKE phase 2 negotiation; 
that is, the MU and SU_k+1 must renegotiate the IPsec SAs. Because the IKE phase 
1 SA negotiation process is far more time consuming relative to the IKE phase 2 
negotiation process, the reuse of the ISAKMP SA greatly improves the 
performance of the MU during hand-over. 

In accordance with a second exemplary embodiment of the present 
invention, herein referred to as the full SA reuse embodiment, the previously 
established ISAKMP SA and the previously established IPsec SAs are reused each 
time the MU undergoes hand-over from one SU (i.e., SU_k) to another SU (i.e., 
SU_k+1) in the administrative domain. As stated above, when a MU connects with a 
SU in the administrative domain for the first time, the ISAKMP SA and the IPsec 
SAs are established in accordance with the IKE phase 1 and the IKE phase 2 
negotiation processes respectively. However, unlike the partial SA reuse 
embodiment described above, subsequent hand-overs result in the reuse of both the 
previously established ISAKMP SA and the previously established IPsec SAs. 
Thus, the entire IKE SA negotiation process, including phase 1 and phase 2, is 
avoided. Therefore, the MU and SU_k+1 can begin communicating with each other 
almost immediately after the ISAKMP SA and the IPsec SAs are transferred from 
SU_k to SU_k+1. Consequently, the hand-over procedure is accomplished in a 
seamless or near seamless fashion. 

In general, the full SA reuse embodiment provides greater MU 
performance enhancement during hand-over than does the partial SA reuse 
embodiment. That is because the MU and SU_k+1 need not renegotiate any SAs. 
Why then might a network administrator opt to implement the partial SA reuse 
embodiment over the full SA reuse embodiment? One reason might be that the 
network administrator does not want the various SUs associated with an 
administrative domain to share the same session keys (i.e., encryption and 
authentication keys) as specified by the IPsec SAs. If, for example, all the SUs 
associated with the administrative domain share the same session keys and just one 
of the SUs is compromised, an attacker can probably compromise communications 
between the MU and any of the SUs associated with the administrative domain. 

As stated previously, a specific IPsec SA is uniquely identified by a security 
parameter index (SPI), in combination with a destination IP address, and a 
particular security protocol (e.g., the authentication header protocol or the 
encapsulating security payload protocol). As such, a common IP address is needed 
for all SUs in the administrative domain, in order to reuse an IPsec SA. In 
accordance with the full SA reuse embodiment, this common IP address may be 
assigned to each SU as an alias IP address. However, under certain 
circumstances, a network administrator may not want to assign a common IP 
address to each SU. If this is the case, the network administrator is likely to opt for 
the partial SA reuse embodiment rather than the full SA reuse embodiment. 

When a MU is handed-over from one SU (e.g., SU_k) to another SU (e.g., 
SU_k+1), the SA attributes corresponding to the ISAKMP SA and the SA attributes 
corresponding to the IPsec SAs, depending upon whether the partial SA reuse 
embodiment or the full SA reuse embodiment is being employed, must be 
transferred from SU_k to SU_k+1. This transfer of SA attributes from SU_k to SU_k+1 
may be accomplished in accordance with any one of a number of exemplary 
techniques. 

FIG. 1 illustrates one such technique herein referred to as the direct 
transfer technique. According to the direct transfer technique, a MU 101 
undergoes a hand-over from SU_k 105 to SU_k+1 110, as illustrated by the directional 
arrow marked "1". Next, SU_k+1 110 contacts SU_k 105 by sending a SA request 
message, as illustrated by the directional arrow marked "2". The SA request 
message specifically requests those SAs associated with the MU 101. 
Accordingly, the SA request message must contain an identifier code for the MU 
101. SU_k 105 then replies to the SA request message by sending the appropriate 
SA attributes to SU_k+1 110, as illustrated by the directional arrow marked "3". 

In addition to the procedural steps described above, the direct transfer 
technique illustrated in FIG. 1 might also involve the step of verifying that SU_k 
belongs to the same administrative domain as SU_k+1. To accomplish this, each SU 
associated with the administrative domain might maintain a list containing all IP 
addresses associated with the administrative domain. SU_k+1 can then perform the 
required verification by simply checking to see if the IP address associated with 
SU_k is on the list. Alternatively, if the administrative domain corresponds with an IP 
network or subnet, SU_k+1 can simply compare the network identification portion of 
SU_k's IP address with the network identification portion of its own IP address. If 
they match, SU_k+1 has verified that SU_k, in fact, belongs to the same administrative 
domain. If SU_k+1 determines that SU_k does not belong to the same administrative 
domain, then the MU and SU_k+1 may be required to renegotiate the ISAKMP SA 
and the IPsec SAs, unless the attributes associated with the ISAKMP SA and the 
IPsec SAs were stored, for example, in a database, as illustrated in FIG. 2, during 
a previous connection between the MU and any one of the SUs associated with the 
administrative domain to which SU_k+1 belongs. 
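The domain-membership check described above, written out as an added example that is not part of the patent. Both verification methods are shown: the address-list lookup and the comparison of the network-identification portion of the two addresses. The IP addresses, the 24-bit network prefix and the three-way decision (reuse from SU_k, reuse from the database, or renegotiate) are assumptions made for the example; the patent names the methods but not these values.

```python
import ipaddress

# Constructed sample data (not from the patent): the list of IP addresses of
# all SUs in one administrative domain, as each SU might maintain it.
DOMAIN_SU_ADDRESSES = {"10.1.0.5", "10.1.0.6", "10.1.0.7"}


def same_domain_by_list(su_k_ip: str, domain_addresses=DOMAIN_SU_ADDRESSES) -> bool:
    """First method: SU_k belongs to the domain if its address is on the list."""
    return str(ipaddress.ip_address(su_k_ip)) in domain_addresses


def same_domain_by_prefix(su_k_ip: str, su_k1_ip: str, prefix_len: int = 24) -> bool:
    """Second method: compare the network-identification portion of SU_k's
    address with that of SU_k+1's own address.  The prefix length that marks
    the network portion (24 bits here) is an assumption of this example."""
    net_k = ipaddress.ip_network(f"{su_k_ip}/{prefix_len}", strict=False)
    net_k1 = ipaddress.ip_network(f"{su_k1_ip}/{prefix_len}", strict=False)
    return net_k == net_k1


def handover_decision(su_k_ip: str, su_k1_ip: str, stored_in_dbs: bool,
                      use_subnet: bool = True) -> str:
    """How SU_k+1 obtains the MU's SAs after hand-over from SU_k:
    'reuse-from-su_k'  - SU_k verified to be in the same domain, request SAs from it
    'reuse-from-dbs'   - SU_k is foreign, but attributes were stored earlier in the DBS
    'renegotiate'      - neither holds, so IKE phase 1 and phase 2 must be run again"""
    verified = (same_domain_by_prefix(su_k_ip, su_k1_ip) if use_subnet
                else same_domain_by_list(su_k_ip))
    if verified:
        return "reuse-from-su_k"
    if stored_in_dbs:
        return "reuse-from-dbs"
    return "renegotiate"
```

The prefix comparison only works when the administrative domain coincides with one IP network; where it spans several networks the list method is the one that gives the right answer, which is why both are kept.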

FIG. 2 illustrates an alternative technique for transferring the appropriate 
SA attributes. This alternative technique is herein referred to as the intermediate 
storage technique. The intermediate storage technique may be preferable where 
the network configuration makes it difficult to identify SU_k, or when direct 
communication between SU_k and SU_k+1 is difficult or undesirable. In accordance 
with this alternative technique, as shown in FIG. 2, a MU 201 undergoes a hand- 
over from SU_k 205 to SU_k+1 210, as illustrated by the directional arrow marked 
"1". Prior to, simultaneous to, or if necessary, subsequent to the hand-over, SU_k 
transfers the appropriate SAs associated with the MU 201 to a database (DBS) 
215, as indicated by the directional arrow marked "2". SU_k+1 210 then sends a SA 
request message to the DBS 215, as illustrated by the directional arrow marked 
"3". As in the direct transfer technique, the SA request message contains an 
identifier code that specifically identifies the MU 201. Thus, the DBS 215 can 
reply to the SA request message by sending the appropriate SAs, associated with 
the MU 201, to SU_k+1 210, as illustrated by the directional arrow marked "4". 

As one skilled in the art will readily appreciate, the SAs contain sensitive 
information (e.g., session keys). Accordingly, the SA information that is 
transferred from SU_k to SU_k+1, using the direct transfer or the intermediate storage 
technique, should be protected. Therefore, encryption and authentication 
mechanisms might be employed to ensure confidentiality and authenticity for this 
information. 

FIG. 3 illustrates, more specifically, the SA attributes that might be 
transferred from SU_k to SU_k+1 if the partial SA reuse embodiment is employed. 
As illustrated, SU_k 105, upon receiving a SA request message from SU_k+1 110, as 
indicated by the directional arrow marked "2", sends a reply message 305 to SU_k+1 
110, wherein the reply message 305 contains the information necessary to define 
the following ISAKMP SA attributes: the ISAKMP SA lifetime; the ISAKMP 
session keys, including the ISAKMP session key for authentication and the 
ISAKMP session key for encryption; keying material, which is required for 
deriving the IPsec session keys; the last IKE phase 1 CBC (i.e., cipher block 
chaining) output block for generating an initialization vector which, in turn, is 
needed for the encryption of the first IKE phase 2 message. Although FIG. 3 
indicates that the SA attributes are being transferred in accordance with the direct 
transfer technique described above, it will be readily apparent to one skilled in the 
art that the intermediate storage technique may be employed in the alternative. 

FIG. 4 illustrates the SA attributes that might be transferred from SU_k 105 
to SU_k+1 110, in addition to the SA attributes identified in FIG. 3, if the full SA 
reuse embodiment is employed. As illustrated in FIG. 4, SU_k 105, upon receiving 
a SA request message from SU_k+1 110, as indicated by the directional arrow 
marked "2", sends a reply message 405 to SU_k+1 110, wherein the reply message 
405 contains the information necessary to define the ISAKMP SA attributes 
identified above in FIG. 3, and the information necessary to define the following 
IPsec SA attributes: the IPsec SA lifetime; the IPsec protocols being used, that is, 
the authentication header and/or encapsulating security payload protocols; the IPsec 
protocol mode, that is, the transport mode or the tunnel mode; the security 
parameter index(es); the IPsec session keys, including the session keys for 
authentication and encryption, as well as their respective algorithms; the last CBC 
output block prior to hand-over, which is used as the initialization vector for 
encryption of the first IP packet subsequent to hand-over; and the value of the 
sequence number, in accordance with the authentication header protocol or the 
encapsulating security payload protocol, just prior to hand-over, as this value plus 
1 will be the initial value of the sequence number after hand-over for anti-replay 
checking purposes. As was the case in FIG. 3, the transfer of SA attributes in 
FIG. 4 is accomplished in accordance with the direct transfer technique described 
above. However, it will be understood that the SA attributes may be transferred in 
accordance with the intermediate storage technique, also described above. 
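The reply messages of FIG. 3 and FIG. 4, and the partial versus full SA reuse embodiments they serve, as an added example that is not part of the patent. It models the ISAKMP SA attributes of reply message 305 and the IPsec SA attributes added in reply message 405, builds SU_k's reply for either embodiment, and shows what SU_k+1 does with it: an IPsec SA is installed only if SU_k+1 also holds the destination address named in the SA (the common alias address the text requires), and the anti-replay sequence number continues at the transferred value plus 1. The field types, the `{"sa", "next_seq"}` record and the sample key and algorithm values are assumptions of the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class IsakmpSA:
    """ISAKMP SA attributes transferred in reply message 305 (FIG. 3)."""
    lifetime: int            # remaining validity period, seconds (assumed unit)
    auth_key: bytes          # ISAKMP session key for authentication
    enc_key: bytes           # ISAKMP session key for encryption
    keying_material: bytes   # material from which the IPsec session keys are derived
    last_cbc_block: bytes    # last IKE phase 1 CBC output block (IV for first phase 2 message)


@dataclass(frozen=True)
class IpsecSA:
    """IPsec SA attributes added to reply message 405 (FIG. 4)."""
    spi: int
    dst_ip: str
    protocol: str            # "AH" or "ESP"
    mode: str                # "transport" or "tunnel"
    lifetime: int
    auth_alg: str
    auth_key: bytes
    enc_alg: str
    enc_key: bytes
    last_cbc_block: bytes    # IV for the first IP packet after hand-over
    seq: int                 # AH/ESP sequence number just prior to hand-over

    def identity(self) -> Tuple[int, str, str]:
        # An IPsec SA is uniquely identified by (SPI, destination IP, protocol).
        return (self.spi, self.dst_ip, self.protocol)


def build_sa_reply(isakmp: IsakmpSA, ipsec: List[IpsecSA], mode: str) -> dict:
    """SU_k's reply to a SA request: the ISAKMP SA only for the partial reuse
    embodiment, the ISAKMP SA plus the IPsec SAs for the full reuse embodiment."""
    if mode == "partial":
        return {"isakmp": isakmp}
    if mode == "full":
        return {"isakmp": isakmp, "ipsec": list(ipsec)}
    raise ValueError("mode must be 'partial' or 'full'")


def install_at_new_su(reply: dict, su_k1_addresses: set) -> dict:
    """What SU_k+1 does with the reply.  The ISAKMP SA is always installed.
    The IPsec SAs are installed only if every destination address in them is
    one SU_k+1 also holds (the common alias address); otherwise the
    (SPI, dst IP, protocol) identity would change and IKE phase 2 is needed.
    The sequence number continues at seq + 1 instead of restarting at zero,
    so the anti-replay check on the peer is not reset by the hand-over."""
    result: Dict = {"isakmp": reply["isakmp"], "ipsec": {}, "phase2_needed": True}
    ipsec = reply.get("ipsec")
    if ipsec is None:
        return result   # partial reuse: IKE phase 2 must still be run
    if any(sa.dst_ip not in su_k1_addresses for sa in ipsec):
        return result   # no common IP address: fall back to phase 2 renegotiation
    for sa in ipsec:
        result["ipsec"][sa.identity()] = {"sa": sa, "next_seq": sa.seq + 1}
    result["phase2_needed"] = False
    return result
```

The `phase2_needed` flag is what separates the two embodiments in practice: partial reuse always sets it, and full reuse clears it only when the address check passes, which matches the text's reason for assigning each SU the common alias address.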

As stated previously, the first time a MU connects to any SU in a given 
administrative domain, an IKE phase 1 negotiation and an IKE phase 2 negotiation 
must be accomplished, thereby establishing the ISAKMP SA and the IPsec SAs 
respectively. However, in accordance with another aspect of the present 
invention, the SA attributes associated with the ISAKMP SA and the IPsec SAs 
may be stored for a period of time, for example, a period of time equivalent to the 
ISAKMP SA lifetime and the IPsec SA lifetime respectively. The SA attributes 
might be stored in a database, such as the database 215 illustrated in FIG. 2. By 
storing the SA attributes, the MU might avoid having to renegotiate the ISAKMP 
SA and the IPsec SAs if the MU becomes disassociated with the administrative 
domain, for example, by being handed-over to a SU which is not associated with 
the administrative domain, and then the MU becomes reassociated with the 
administrative domain, for example, by being handed back-over to a SU associated 
with the administrative domain, before the aforementioned period of time expires. 
In accordance with this aspect of the invention, the transfer of SA attributes to 
SU_k+1 might be accomplished in much the same way as the intermediate storage 
technique illustrated in FIG. 2, but for the fact that the MU is handed-over to a SU 
associated with another administrative domain during an interim period between 
the time the MU is connected to SU_k and the time the MU is connected to SU_k+1. 

FIG. 5 illustrates a procedure for transferring SA attribute control 
messages, in accordance with an exemplary embodiment of the present invention, 
using encryption and authentication techniques to protect the SA attributes during 
transfer. While the procedure illustrated in FIG. 5 involves the intermediate 
storage technique, described above with reference to FIG. 2, one skilled in the art 
will readily appreciate that a similar procedure could be applied to the direct 
transfer technique, described above with reference to FIG. 1. 

The procedure illustrated in FIG. 5 initially begins with the MU 
undergoing a hand-over procedure from the stationary unit SU_k to the stationary 
unit SU_k+1, as indicated by the directional arrow marked "1", wherein SU_k and 
SU_k+1 are associated with the same administrative domain. Therefore, SU_k and 
SU_k+1 are subject to the same security policy. Then, at some point during the 
hand-over procedure, SU_k transfers the SA attribute control message to the DBS, 
as indicated by the directional arrow marked "2". As shown, the SA attribute 
control message contains a MU identification code (ID_MU); SA attributes 
(ENC_Ksa), which are encrypted using an encryption key K_sa; a time stamp (T); and 
a Hash value (HASH_Kdb). The purpose of the MU identification code (ID_MU) is to 
identify the SA attributes (i.e., ENC_Ksa) as being associated with the MU. The 
purpose of the time stamp (T) is to inform the DBS as to the period of time that has 
elapsed since SU_k sent the SA control message. If a significant period of time 
has elapsed, the DBS may be designed to reject the SA attribute control message to 
protect against unauthorized replay. While the MU identification code (ID_MU) 
and the time stamp (T) are not typically encrypted, the SA attributes are encrypted 
using an encryption key K_sa, which is shared by each of the SUs associated with 
the administrative domain. The Hash value (HASH_Kdb) is used for authentication 
purposes, and it is derived using an authentication key K_db and as a function of the 
MU identification code (ID_MU), the SA attributes (ENC_Ksa) and the time stamp (T). 
The authentication key K_db, like the encryption key K_sa, is shared by each of the 
SUs associated with the administrative domain. In addition, it is shared by the 
DBS. 

As stated, SU_k transfers the SA attribute control message, containing the 
MU identification code (ID_MU), the encrypted SA attributes (ENC_Ksa), the time 
stamp (T), and the Hash value (HASH_Kdb), to the DBS. Upon receiving the SA 
attribute control message, the DBS recalculates the Hash value as a function of the 
received values for the MU identification code (ID_MU), the SA attributes (ENC_Ksa), 
and the time stamp (T), and based on the authentication key K_db. The DBS then 
compares the recalculated Hash value with the received Hash value. If the two 
values are equal (i.e., if the two values match), the DBS authenticates SU_k, and 
accepts the SA attribute control message. The DBS then stores the encrypted SA 
attributes (ENC_Ksa) along with the MU identification code (ID_MU). 

Further in accordance with the procedure illustrated in FIG. 5, SU_k+1 now 
issues a SA attribute request message to the DBS, as indicated by the directional 
arrow marked "3", wherein the SA attribute request message contains the MU 
identification code (ID_MU). In response, the DBS transfers to SU_k+1 the encrypted 
SA attributes (ENC_Ksa) that correspond to the MU identification code (ID_MU) 
contained in the SA attribute request message. By applying the encryption key 
to the SA attributes (ENC_Ksa), SU_k+1 can decipher the encrypted SA attributes. 
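The FIG. 5 exchange carried through end to end, as an added example that is not part of the patent: SU_k builds the SA attribute control message (ID_MU, ENC_Ksa, T, HASH_Kdb), the DBS recomputes the hash with K_db, applies the elapsed-time check against replay and stores ENC_Ksa under ID_MU, and SU_k+1 retrieves the record by ID_MU and deciphers it with K_sa. The patent names neither the hash construction nor the cipher, so the example assumes HMAC-SHA256 for HASH_Kdb and, as a stand-in that runs with the Python standard library alone, a keystream derived from HMAC-SHA256 in counter mode for ENC_Ksa; the key bytes, the 30-second freshness window and the field encoding are likewise assumptions.

```python
import hashlib
import hmac
import os
import struct
import time

# Constructed keys for this example (not from the patent).  K_sa is shared by
# every SU in the administrative domain; K_db is shared by the SUs and the DBS.
K_SA = b"constructed-domain-encryption-key-K_sa"
K_DB = b"constructed-domain-authentication-key-K_db"
MAX_AGE_SECONDS = 30   # assumed freshness window the DBS applies to T


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib stand-in for the cipher the patent
    # leaves unspecified, not a recommendation of this construction.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_attributes(k_sa: bytes, plaintext: bytes, nonce: bytes = None) -> bytes:
    """ENC_Ksa: a fresh 16-byte nonce is prepended so a keystream is never reused."""
    nonce = os.urandom(16) if nonce is None else nonce
    ks = _keystream(k_sa, nonce, len(plaintext))
    return nonce + bytes(a ^ b for a, b in zip(plaintext, ks))


def decrypt_attributes(k_sa: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(k_sa, nonce, len(ct))))


def _hash_kdb(k_db: bytes, id_mu: bytes, enc: bytes, t: int) -> bytes:
    # HASH_Kdb over (ID_MU, ENC_Ksa, T); variable-length fields are length-
    # prefixed so that no two different field triples encode to the same bytes.
    msg = (struct.pack(">I", len(id_mu)) + id_mu
           + struct.pack(">I", len(enc)) + enc
           + struct.pack(">Q", t))
    return hmac.new(k_db, msg, hashlib.sha256).digest()


def build_control_message(id_mu: bytes, sa_attributes: bytes,
                          k_sa: bytes = K_SA, k_db: bytes = K_DB, now=None) -> dict:
    """SA attribute control message sent by SU_k to the DBS (arrow "2" in FIG. 5)."""
    t = int(time.time()) if now is None else now
    enc = encrypt_attributes(k_sa, sa_attributes)
    return {"id_mu": id_mu, "enc": enc, "t": t, "hash": _hash_kdb(k_db, id_mu, enc, t)}


class DBS:
    """Database that authenticates control messages and stores ENC_Ksa by ID_MU.
    It holds K_db only, so it can check who sent a record but not read the keys."""

    def __init__(self, k_db: bytes = K_DB, max_age: int = MAX_AGE_SECONDS):
        self.k_db, self.max_age, self.store = k_db, max_age, {}

    def accept(self, msg: dict, now=None) -> bool:
        now = int(time.time()) if now is None else now
        expected = _hash_kdb(self.k_db, msg["id_mu"], msg["enc"], msg["t"])
        if not hmac.compare_digest(expected, msg["hash"]):
            return False                       # not from a K_db holder, or altered in transit
        if not 0 <= now - msg["t"] <= self.max_age:
            return False                       # too much time elapsed: treat as replay
        self.store[msg["id_mu"]] = msg["enc"]  # stored still encrypted under K_sa
        return True

    def lookup(self, id_mu: bytes):
        """Reply to the SA attribute request message (arrow "3")."""
        return self.store.get(id_mu)


def receive_at_new_su(dbs: DBS, id_mu: bytes, k_sa: bytes = K_SA):
    """SU_k+1 requests the attributes for ID_MU and deciphers them with K_sa."""
    enc = dbs.lookup(id_mu)
    return None if enc is None else decrypt_attributes(k_sa, enc)
```

Note that the hash is computed over the ciphertext ENC_Ksa, exactly as the text lists the inputs, which is what lets the DBS verify the message without ever holding K_sa; a message whose ciphertext, identifier or time stamp has been altered fails the comparison before anything is stored.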

The present invention has been described with reference to a preferred 
embodiment. However, it will be readily apparent to those skilled in the art that it 
is possible to embody the invention in specific forms other than as described above 
without departing from the spirit of the invention. The preferred embodiments are 
illustrative and should not be considered restrictive in any way. The scope of the 
invention is given by the appended claims, rather than the preceding description, 
and all variations and equivalents which fall within the range of the claims are 
intended to be embraced therein. 
WHAT IS CLAIMED IS: 

1. In a radio telecommunication system, a method for accomplishing hand- 
over of a mobile unit from a first stationary unit to a second stationary unit, said 
method comprising the steps of: 

disconnecting the mobile unit from the first stationary unit; 
connecting the mobile unit to the second stationary unit; and 
reusing an existing security association to support the connection between 
the mobile unit and the second stationary unit, wherein the existing security 
association was previously used to support the connection between the mobile unit 
and the first stationary unit. 

2. The method of claim 1 further comprising the step of: 

transferring a number of security association attributes, associated with the 
security association, from the first stationary unit to the second stationary unit. 

3. The method of claim 2, wherein the security association attributes are 
transferred from the first stationary unit directly to the second stationary unit. 

4. The method of claim 2, wherein said step of transferring the number of 
security association attributes, associated with the security association, from the 
first stationary unit to the second stationary unit comprises the steps of: 

transferring the number of security association attributes from the first 
stationary unit to a data storage entity; and 

transferring the number of security association attributes from the data 
storage entity to the second stationary unit. 

5. The method of claim 4, wherein the data storage entity is a database 
accessible to the second stationary unit. 
6. The method of claim 2 further comprising the step of: 

encrypting the number of security association attributes, prior to the step of 
transferring the number of security association attributes from the first stationary 
unit to the second stationary unit, using an encryption key that is shared by the 
first and the second stationary units. 

7. The method of claim 1, wherein the existing security association is an 
ISAKMP security association. 

8. The method of claim 1, wherein the existing security association is an IPsec 
security association. 

9. The method of claim 1, wherein the first stationary unit and the second 
stationary unit are both associated with a common administrative domain, such that 
the first stationary unit and the second stationary unit are subject to a common 
security policy. 

10. The method of claim 9, wherein the first stationary unit and the second 
stationary unit share a common IP address. 

11. In a radio telecommunication system, a method for accomplishing hand- 
over of a mobile unit from a first stationary unit to a second stationary unit, said 
method comprising the steps of: 

disconnecting the mobile unit from the first stationary unit; 
connecting the mobile unit to the second mobile unit; and 
reusing an existing security association to support the connection between 
the mobile unit and the second stationary unit, wherein the existing security 
association was previously used to ensure secure communications for a connection 
between the mobile unit and a third stationary unit, and wherein the third 
stationary unit and the second stationary unit are associated with a first 
administrative domain that employs a common security policy. 

12. The method of claim 11 further comprising the step of: 

transferring a set of security association attributes associated with the 
existing security association from the third stationary unit to the second stationary 
unit. 

13. The method of claim 11, wherein said step of transferring the set of 
security association attributes associated with the existing security association from 
the third stationary unit to the second stationary unit comprises the steps of: 

transferring the security association attributes from the third stationary unit 
to a storage location; and 

transferring the security association attributes from the storage location to 
the second stationary unit. 

14. The method of claim 13, wherein the storage location is in a database 
associated with the first administrative domain to which the third stationary unit 
and the second stationary unit belong. 

15. The method of claim 11, wherein the first stationary unit is associated with 
a second administrative domain. 

16. In a radio telecommunication network, a method for reusing security 
associations to facilitate hand-over of a mobile unit between stationary units that 
are associated with a common administrative domain, wherein all of the stationary 
units associated with the common administrative domain are subject to the same 
security policy, said method comprising the steps of: 

negotiating a first security association for a connection between the mobile 
unit and a first stationary unit associated with the common administrative domain; 

disconnecting the mobile unit from the first stationary unit; 

connecting the mobile unit to a second stationary unit associated with the 
common administrative domain; 

transferring a first set of security association attributes, corresponding to 
the first security association, from the first stationary unit to the second stationary 
unit; and 

employing the first security association to ensure secure communications 
for the connection between the mobile unit and the second stationary unit. 

17. The method of claim 16, wherein said step of negotiating a first security 
association comprises the step of: 

establishing an ISAKMP security association in accordance with an IKE 
phase 1 negotiation procedure. 

18. The method of claim 17 further comprising the steps of: 

negotiating a second security association, in accordance with an IKE phase 
2 negotiation procedure, for the connection between the mobile unit and the first 
stationary unit; 

transferring a second set of security association attributes, corresponding to 
the second security association, from the first stationary unit to the second 
stationary unit; and 

employing the second security association, in conjunction with the first 
security association, to further ensure secure communications for the connection 
between the mobile unit and the second stationary unit. 

19. The method of claim 17, wherein the second security association is an IPsec 
authentication header protocol security association. 
20. The method of claim 18, wherein the second security association is an IPsec 
encapsulating security payload protocol security association. 

21. In a radio telecommunication system, an apparatus for accomplishing hand-over 
of a mobile unit from a first stationary unit to a second stationary unit, said 
apparatus comprising: 

means for disconnecting the mobile unit from the first stationary unit; 
means for connecting the mobile unit to the second stationary unit; and 
means for reusing an existing security association to support the connection 
between the mobile unit and the second stationary unit, wherein the existing 
security association was previously used to support the connection between the 
mobile unit and the first stationary unit. 

22. The apparatus of claim 20 further comprising: 

means for transferring a number of security association attributes associated 
with the security association from the first stationary unit to the second stationary 
unit. 

23. The apparatus of claim 22, wherein the security association attributes are 
transferred from the first stationary unit directly to the second stationary unit. 

24. The apparatus of claim 22, wherein said means for transferring the number 
of security association attributes associated with the security association from the 
first stationary unit to the second stationary unit comprises: 

means for transferring the number of security association attributes from 
the first stationary unit to a data storage entity; and 

means for transferring the number of security association attributes from 
the data storage entity to the second stationary unit. 
25. The apparatus of claim 24, wherein the data storage entity is a database 
accessible to the second stationary unit. 

26. The apparatus of claim 22 further comprising: 

means for encrypting the number of security association attributes, prior to 
transferring the number of security association attributes from the first stationary 
unit to the second stationary unit, wherein said means for encrypting the number of 
security association attributes employs an encryption key that is shared by the first 
and the second stationary units. 

27. The apparatus of claim 21, wherein the existing security association is an 
ISAKMP security association. 

28. The apparatus of claim 21, wherein the existing security association is an 
IPsec security association. 

29. The apparatus of claim 21, wherein the first stationary unit and the second 
stationary unit are both associated with a common administrative domain, such that 
the first stationary unit and the second stationary unit are subject to a common 
security policy. 

30. The apparatus of claim 29, wherein the first stationary unit and the second 
stationary unit share a common IP address. 

31. In a radio telecommunication system, an apparatus for accomplishing hand-over 
of a mobile unit from a first stationary unit to a second stationary unit, said 
apparatus comprising: 

means for disconnecting the mobile unit from the first stationary unit; 
means for connecting the mobile unit to the second mobile unit; and 
means for reusing an existing security association to support the connection 
between the mobile unit and the second stationary unit, wherein the existing 
security association was previously used to ensure secure communications for a 
connection between the mobile unit and a third stationary unit, and wherein the 
third stationary unit and the second stationary unit are associated with a first 
administrative domain that employs a common security policy. 

32. The apparatus of claim 31 further comprising: 

means for transferring a set of security association attributes associated 
with the existing security association from the third stationary unit to the second 
stationary unit. 

33. The apparatus of claim 31, wherein said means for transferring the set of 
security association attributes associated with the existing security association from 
the third stationary unit to the second stationary unit comprises: 

means for transferring the security association attributes from the third 
stationary unit to a storage location; and 

means for transferring the security association attributes from the storage 
location to the second stationary unit. 

34. The apparatus of claim 33, wherein the storage location is in a database 
associated with the first administrative domain to which the third stationary unit 
and the second stationary unit belong. 

35. The apparatus of claim 31, wherein the first stationary unit is associated 
with a second administrative domain. 
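The following is an added illustration, not text or code from the patent, of the method of claims 16 to 18 combined with the shared-key protection of claim 6 and the storage entity of claims 4 and 5: a mobile unit's security association attributes are encrypted under a key shared by the stationary units of one administrative domain, placed in a database, retrieved by the target stationary unit, and reused without renegotiation. The attribute names, the SHAKE-256 keystream with HMAC-SHA256 tag (a stand-in for a real authenticated cipher), and the rule that a cross-domain hand-over must renegotiate are the editor's assumptions.

```python
# Added illustration (editor's assumptions, not the patent's code): toy model of
# SA-attribute transfer during hand-over inside one administrative domain.
import hashlib, hmac, json, os
from dataclasses import dataclass, field

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Constructed stand-in for a real cipher: SHAKE-256 output used as keystream.
    return hashlib.shake_256(key + nonce).digest(n)

def protect(attrs: dict, shared_key: bytes) -> bytes:
    """Encrypt-then-MAC the SA attributes under the domain's shared key (claim 6)."""
    plain = json.dumps(attrs, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plain, _keystream(shared_key, nonce, len(plain))))
    tag = hmac.new(shared_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unprotect(blob: bytes, shared_key: bytes) -> dict:
    """Verify the tag before decrypting; a wrong key or tampered blob is rejected."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(shared_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("SA attribute blob failed integrity check")
    plain = bytes(c ^ k for c, k in zip(ct, _keystream(shared_key, nonce, len(ct))))
    return json.loads(plain)

@dataclass
class StationaryUnit:
    name: str
    domain: str                  # administrative domain with one security policy
    domain_key: bytes            # key shared by all stationary units of the domain
    sa_table: dict = field(default_factory=dict)  # mobile id -> SA attributes

    def negotiate(self, mobile: str) -> dict:
        """Stand-in for IKE phase 1 / phase 2: constructed SA attributes (claims 17, 18)."""
        sa = {"isakmp_spi": os.urandom(8).hex(), "esp_spi": os.urandom(4).hex(),
              "keymat": os.urandom(16).hex(), "peer": mobile}
        self.sa_table[mobile] = sa
        return sa

def hand_over(mobile: str, old: StationaryUnit, new: StationaryUnit, db: dict) -> dict:
    """Claims 16-18 via a storage entity (claims 4, 5): move the attributes, reuse the SA.
    Reuse is only permitted when both units share the domain's security policy (claim 9)."""
    if old.domain != new.domain:
        raise PermissionError("different administrative domains: renegotiate instead")
    db[(mobile, old.domain)] = protect(old.sa_table.pop(mobile), old.domain_key)
    new.sa_table[mobile] = unprotect(db.pop((mobile, old.domain)), new.domain_key)
    return new.sa_table[mobile]
```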